Trusted runtime environments are employed in modern System-on-Chip (SoC) architectures developed by for example ARM. In a SoC architecture an isolation technology, such as TrustZone, may be used to separate applications handling sensitive data from other application handling non-sensitive data. The applications handling sensitive data may be referred to as trusted applications. In this context, the isolation technology provides a Trusted Execution Environment (TEE), in which the trusted application may be executed, and a Rich Execution Environment (REE), in which other applications may be executed. The REE may be exemplified by operating systems like Linux, Android and the like. The TEE may be a minimal secure OS running various cryptographic services as Trusted Applications.
The SoC architectures can be implemented in an Application Specific Integrated Circuit (ASIC) in a mobile device. The ASIC often has a very small internal memory, arranged inside the ASIC itself, in order to allow valuable on-chip space to be used for other purposes. External to the ASIC, there are however much larger external memories, or only one external memory. It is often desired to store sensitive data on the internal memory, since this result in higher security due to that the sensitive data never leaves the ASIC. For an attacker, attempting to violate the sensitive data, it is much more difficult to try to extract content from the internal memory as compared to extract content from the external memory. Moreover, the internal memory is available as soon as the ASIC is powered on. In contrast, the external memory needs to be separately powered on, which may be disadvantageous in view of power consumption.
As previously mentioned, the internal memory is limited. Thus, at many times the trusted execution environment must engage the external memory to handle several trusted applications running in parallel. This presents a security problem, since the trusted applications are handling sensitive keys and data in the external memory, which as mentioned may be violated more easily.